package com.project.AOP;

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.project.common.BaseContext;
import com.project.service.LoginService;
import com.project.service.UserMemberService;
import com.project.entity.Login;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.aop.framework.AopConfigException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;

/**
 * ClassName: AopConfig
 * Package: com.project.AOP
 * Description:  权限校验
 *
 * @Author 看到风
 * @Create 2023/10/20 21:50
 * @Version 1.0
 */
@Component
@Aspect
@Slf4j
public class AopConfig {

    @Autowired
    private UserMemberService userMemberService;
    @Autowired
    private LoginService loginService;
    //定义一个切点（通过注解）

    @Pointcut("@annotation(com.project.AOP.HasRole))")
    public void pointcut(){}


    //前置通知(普通老师和院级校级老师权限验证)
    @Before("pointcut()")
    public void before(JoinPoint joinPoint ) throws Throwable {
        System.out.println("before-------------");

      // 获取到HttpServletRequest，ThreadLocal
        RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) requestAttributes;
        HttpServletRequest request = servletRequestAttributes.getRequest();

        Long userId = BaseContext.getCurrentId();
        LambdaQueryWrapper<Login> queryWrapper=new LambdaQueryWrapper<>();
        queryWrapper.eq(Login::getUserId,userId);
        Login login = loginService.getOne(queryWrapper);
        int identity=login.getIdentity();

        //获取请求参数，详见接口类
     //   Object[] objects = joinPoint.getArgs();


       /// int identity=((UserMember)objects[1]).getIdentity();
       // Long userId = ((JSONObject) objects[1]).getLong("userId");


        log.info("身份identity：",identity);

        //获取当前用户的角色集合
//        LambdaQueryWrapper<UserMember> queryWrapper = new LambdaQueryWrapper<>();
//        queryWrapper.eq(UserMember::getUserId, userId);
//        UserMember serviceOne = userMemberService.getOne(queryWrapper);

        //获取当前请求的方法上的注解hasRole中设置的角色
        MethodSignature signature = (MethodSignature) joinPoint.getSignature();

        //反射获取当前被调用的方法
        Method method = signature.getMethod();

        //判断当前方法是否有hasRole注解
        //如果有，判断是否用户具有注解属性中要求的角色
        //如果没有hasRole注解，那么说明方法不需要判断用户的角色，可以匿名访问
        HasRole hasRole = method.getDeclaredAnnotation(HasRole.class);
        if (identity < hasRole.value()) {


            throw new SecurityException("没有足够的权限执行此操作");
        }



    }
}
